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The Deputy Director of Central Intelligence 

Washington. D C. 20505 


5 JUL 1985 


MEMORANDUM FOR: The Honorable Donald C. Latham 

Assistant Secretary of Defense for 
Command, Control, Communications and Intelligence 


SUBJECT: Computer Security Center Review of DCI SAFEGUARDS 


1. I appreciate your sending us a copy of the DoD Computer Security 
Center's (CSC) review of the DCI's SAFEGUARDS document. In substance, it 
seems less a serious indictment than fresh evidence that we need to work 
more closely together to get on with improving computer security. Our 
analysis (summary attached) indicates the DoD CSC was unaware that the 
SAFEGUARDS focus entirely on providing implementable, near-term security 
improvements to identified "critical systems" and are not intended to be 
a long-term, general prescription for computer security. Other flaws 
perceived by DoD CSC are largely disagreements about terminology and its 
interpretation rather than fundamental differences. We are prepared to 
work closely with NTISSC and the DoD CSC to resolve such problems. 

2. At the same time, however, we need your cooperation in moving, 
as rapidly as possible, to do all that is technically and operationally 
feasible in the near term to improve the security of the critical systems 
identified by the DCI. 


Attachment: 
As Stated 



All portions of this memorandum 
are classified SECRET. 



25X1 
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SECRET 


ICS 85-8076 
2 July 1985 


MEMORANDUM FOR: Deputy Director of Central Intelligence 


FROM: 

SUBJECT: 


Director, Intelligence Community Staff 

DoD Computer Security Center Comments on DC I SAFEGUARDS 


25X1 


1. Attached per your request, are two versions of a proposed response to 
Don Latham's note of 10 June which sent us a copy of the DoD Computer Security 
Center (CSC) conments on the DCI SAFEGUARDS. The difference between the two 
versions is that the former includes, as an attachment, a summary of our 
analysis of CSC's review, while the latter simply alludes to that analysis. 


2. In the interim we have been meeting with 


Director, 


Computer Security Center, NSA, in an effort to sort out procedural and 
bureaucratic issues so that we can, oet on w ith the business of computer 


security. We are told t hat, until 


last week. 


of the IHC staff briefed him 


did not realize that the SAFEGUARDS are applicable 


only to near-term fixes for the specifically identified critical systems, a 
misunderstanding that is apparent in his letter to Don Latham. 


25X1 

25X1 

25X1 


25X1 


Vice Admiral, USN 


Attachments : 
As stated 


All portions of this memorandum 
are classified SECRET 
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SUBJECT: DoD Computer Security Center Comments 
on DC I SAFEGUARDS 


Distribution: ICS 85-8076 
1 - DDC1 

1 - Executive Registry 
1 - D/ICS 
1 - C/IHC 
1 - IHC Chrono 
1 - ICS Registry 


ICS/IHC 


(1 Jul 85) 
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SUMMARY OF COMMENTS ON THE DoD CSC's ASSESSMENT OF THE SAFEGUARDS DOCUMENT 


The chief concern expressed by the DoD CSC is that the SAFEGUARDS document 
allows multilevel and compartmented modes of operation of Intelligence 
Community (IC) automated systems using security-related software which is not 
in the operating system. According to the DoD CSC's recommendation, this 
should never be allowed. However, there is currently only one operating 
system listed on the DoD CSC's Evaluated Products List (EPL) that meets the 
Center's criteria for a trusted operating system. This new product has good 
security, but is limited in processing power and in the software support 
capabilities that are the key ingredient for providing the information 
processing services required to support critical IC functions. 

Therefore, if the DoD CSC recommendation was adopted today as policy for 
the IC's "critical system," all strategic SIGINT and IMINT collection and 
processing operations would have to be suspended until major hardware/software 
systems were replaced and applications software and DBMSs converted to operate 
on the new equipment. In addition, several critical DoD intelligence systems 
supporting the U&S Command and major Service components would have to be shut 
down. 

The SAFEGUARDS address the identified "critical systems" and are intended 
to provide them near-term security enhancement. They are intended to be 
consistent with the DoD Criteria to the degree possible, but principally 
reflect direction by the DDCI that security enhancements specified had to be 
realistically achievable and the cost of implementing them had to be estimated 
before they could be mandated. This accounts for variation in the SAFEGUARDS 
as compared to the criteria in the areas of trusted path, trusted 
distribution, and configuration management. As noted in paragraph 6 of the 
DoD CSC cover letter, "cover channels" are not included in the SAFEGUARDS 
because no existing "critical systems" can support this technical requirement. 

Many of the Center's comments are interpretations of security requirements 
stated in the SAFEGUARDS. There is no disagreement with most of these 
interpretations. However, they clearly do not indicate flaws in the 
SAFEGUARDS. Similarly, a number of the editorial problems identified by DoD 
CSC reflect its review of an interim draft of the SAFEGUARDS document rather 
than the final, published version which had already been corrected. 


CtrDCT 
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The Deputy Director of Central Intelligence 

W&shingon, D C 20505 


MEMORANDUM FOR: 


SUBJECT: 


The Honorable Donald C. Latham 
Assistant SecretarjXof Defensfc/for 

Command, Control, \^ommu n i c i o n s and Intelligence 

Computer Security Center Review of DC I SAFEGUARDS 


1. I appreciate your sending us a/doby of the DoD Computer Security 
Center's (CSC) review of the DCI's SAFEGUARDS document. In substance, it 
seems less a serious indictment than /resh ^evidence that we need to work more 
closely together to get on with improving computer security. Our analysis 
(summary attached) indicates the DoO CSC was\unaware that the SAFEGUARDS focus 
entirely on providing implementablyfe, near-tero> security improvements to 
identified "critical systems" any are not intended to be a long-term, general 
prescription for computer securtty. Other flaws perceived by DoD CSC are 
largely disagreements about terminology and its interpretation rather than 
fundamental differences. We are prepared to wqpk closely with NTISSC and the 
DoD CSC to resolve such problems. 


2. At the same time, 
rapidly as possible, to d 

in the near term to improve the security of the 
the DCI. I would be haj^py to discuss this matte 
convenient time. 


wever, we need your ^cooperation in moving, as 
all that is technically and operationally feasible 

ritical systems identified by 
with you at a mutually 


John N. McMahon 


Attachment: 
As stated 


All portions of this memorandum 
are classified SECRET 
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^ SECRET ^ 

The Deputy Director of Central Intelligence 

Vteshingon. D C 20505 


MEMORANDUM FOR: 


SUBJECT: 


The Honorable Donald C. I.atham 
Assistant Secretary of Defense for y 
Command, Control, Communications, and/intelligence 

Computer Security Center Review of B(jl SAFEGUARDS 


1. I appreciate your sending us a copy d? the DoD Computer Security 

Center's (CSC) review of the DCI's SAFEGUARDS. In substance, it seems less a 
serious indictment than fresh evidence thdft we need to work more closely 
together to get on with improving computer! security. Our analysis indicates 
the DoD CSC was unaware that the SAFE&kfARDS focus entirely on providing 
implementable near-term security improvements to identified "critical systems" 
and are not intended to be a long-term, general prescription for computer 
security. Other flaws perceived b/DoD CSClare largely disagreements about 
terminology and its interpretation! rather tnan fundamental differences. We 
are prepared to work closely witfl NTISSC and the DoD CSC to resolve such 
problems. / | 

2. At the same time, however, we need your cooperation in moving, as 
rapidly as possible, to d<yall that is technically and operationally feasible 
in the near term to impro/e the security of ihe critical systems identified by 
the DCI. I would be haopy to discuss this matter with you at a mutually 
convenient time. / 


John N. McMahon 


25X1 
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